Lucene search
+L

1057 matches found

OSV
OSV
added 2026/05/28 10:16 a.m.7 views

UBUNTU-CVE-2026-46111

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fix potential UAF in createbigsync Add hciconnvalid check in createbigsync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in createbigcomplete and re-validate...

7.8CVSS5.7AI score0.00125EPSS
Exploits0References8
CVE
CVE
added 2026/05/28 9:35 a.m.26 views

CVE-2026-46111

The CVE concerns a use-after-free in the Linux kernel Bluetooth stack (hci_conn, BIG creation). The patch adds hci_conn_valid() in create_big_sync() to detect stale connections before BIG creation, handles -ECANCELED in create_big_complete(), and re-validates under hci_dev_lock() before dereferen...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2026/05/28 9:35 a.m.1 views

CVE-2026-46111 Bluetooth: hci_conn: fix potential UAF in create_big_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fix potential UAF in createbigsync Add hciconnvalid check in createbigsync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in createbigcomplete and re-validate...

7.8CVSS6.2AI score0.00125EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/28 9:35 a.m.38 views

CVE-2026-46111 Bluetooth: hci_conn: fix potential UAF in create_big_sync

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fix potential UAF in createbigsync Add hciconnvalid check in createbigsync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in createbigcomplete and re-validate...

7.8CVSS0.00125EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/05/28 3:54 a.m.10 views

SUSE CVE-2026-45984

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...

7.8CVSS5.9AI score0.0031EPSS
Exploits0References23
RedHat Linux
RedHat Linux
added 2026/05/28 2:21 a.m.14 views

kernel: can: j1939: j1939_session_new(): fix skb reference counting

In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...

5.5CVSS5.7AI score0.00224EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.16 views

PT-2026-44234

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A use-after-free issue exists in the Bluetooth component. The create big complete function unconditionally dereferences the...

7.8CVSS6AI score0.00125EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/05/28 12:0 a.m.14 views

PT-2026-44303

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified openSUSE Tumbleweed versions prior to kernel-devel-7.0.11-1.1 Description A use-after-free issue exists in the brcmfmac WiFi driver. This occurs when the watchdog task ends between the send sig and...

9.1CVSS5.9AI score0.00514EPSS
Exploits10References295
CNNVD
CNNVD
added 2026/05/28 12:0 a.m.11 views

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper handling of reference counting when deleting declarations in the batman-adv module. This issue...

8.8CVSS5.8AI score0.00274EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/27 11:47 p.m.10 views

CVE-2026-45951

A flaw was found in the Linux kernel, specifically within its BPF Berkeley Packet Filter subsystem. This vulnerability, a use-after-free, arises from incorrect reference counting in the checkpseudobtfid function. It allows a local attacker to potentially corrupt memory, which could lead to...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/27 3:33 p.m.12 views

EUVD-2026-32269

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...

5.9AI score0.0031EPSS
Exploits0References9
EUVD
EUVD
added 2026/05/27 3:33 p.m.14 views

EUVD-2026-32235

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free of BTF object Refcounting in the checkpseudobtfid function is incorrect: the checkpseudobtfid function might get called with a zero refcounted btf. Fix this, and patch related code accordingly...

5.8AI score0.00124EPSS
Exploits0References4
NVD
NVD
added 2026/05/27 2:17 p.m.13 views

CVE-2026-45984

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...

7.8CVSS0.0031EPSS
Exploits0References17
OSV
OSV
added 2026/05/27 2:17 p.m.10 views

UBUNTU-CVE-2026-45996

In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of deregistration unless the allocation is device managed. Take another reference before deregistering...

7.8CVSS5.7AI score0.00139EPSS
Exploits0References7
OSV
OSV
added 2026/05/27 12:56 p.m.3 views

CVE-2026-46009 PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-ntb: Remove duplicate resource teardown epfntbepcdestroy duplicates the teardown that the caller is supposed to do later. This leads to an oops when .allowlink fails or when .droplink is performed. Remove t...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/05/27 12:55 p.m.45 views

CVE-2026-45996 spi: imx: fix use-after-free on unbind

In the Linux kernel, the following vulnerability has been resolved: spi: imx: fix use-after-free on unbind The SPI subsystem frees the controller and any subsystem allocated driver data as part of deregistration unless the allocation is device managed. Take another reference before deregistering...

0.00139EPSS
Exploits0References6
CVE
CVE
added 2026/05/27 12:55 p.m.29 views

CVE-2026-45996

The CVE-2026-45996 entry concerns a use-after-free in the Linux kernel SPI IMX driver (on unbind/deregistration). The root cause is that upon deregistering the SPI controller, driver data may be freed while still referenced, requiring an extra reference before deregistration to ensure data remain...

7.8CVSS5.8AI score0.00139EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2026/05/27 12:18 p.m.2 views

CVE-2026-45984 gfs2: Fix use-after-free in iomap inline data write path

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in iomap inline data write path The inline data buffer head dibh is being released prematurely in gfs2iomapbegin via releasemetapath while iomap-inlinedata still points to dibh-bdata. This causes a...

7.8CVSS6.4AI score0.0031EPSS
Exploits0References20
CVE
CVE
added 2026/05/27 12:18 p.m.24 views

CVE-2026-45981

CVE-2026-45981 (Linux kernel, s390/cio): The vulnerability stems from device lifecycle mismanagement in css_alloc_subchannel() where, if dma_set_coherent_mask() or dma_set_mask() fails, the error path frees the subchannel without proper device model reference counting. After device_initialize() i...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/27 12:18 p.m.48 views

CVE-2026-45951 bpf: Fix a potential use-after-free of BTF object

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free of BTF object Refcounting in the checkpseudobtfid function is incorrect: the checkpseudobtfid function might get called with a zero refcounted btf. Fix this, and patch related code accordingly...

7.8CVSS0.00124EPSS
Exploits0References3
Rows per page
Query Builder